1. Field of the Invention
The invention relates to a system for securing protected software from unauthorized, i.e. unlicensed, use in computer networks, e.g. networks of UNIX workstations.
With increasingly widespread use of computer networks, there is a growing need to protect software producers from unauthorized use, within computer networks, of the software programs which they produce. In recent times, increasing importance has been attached to computer networks consisting of several interconnected work stations each having its own processor capacities, one or several processors, and which allow simultaneous operation of the same software at several work locations. This implies the possibility that a computer program, which is working on at least one computer integrated into a network, can be used simultaneously on several computers, on several processors and in multi-tasking operation on one processor, because without the possibility of simultaneous multi-use, all customers would have to purchase several copies of the program.
The problem of licensing software on a network consists therefore in allowing usage and protection for licensed software in a simultaneous multi-user environment on several, or all, computers integrated into the network. Without software protection, multi-use will lead to the software producer losing potential customers. This is the case for local networks as well as for so-called wide area networks which can be operated across national or continental boundaries.
At the same time, it is also very useful for the customer if the number of software licenses to be bought is dependent upon actual user requirements for the software and not on the number of computers provided for that use.
It is therefore in the interests of the software producer and also of the customer to provide for effective protection of licensed software in a network but which at the same time does not hinder users in the authorized, flexible use of the software purchased.
2. Description of the Prior Art
Systems used until now for protecting software are based on two fundamental principles. These are, on the one hand, PC orientated hardlocks, also known as dongles, which are normally connected to the computer's parallel interface. A dongle normally uses a hardware key to authorise the use of a program on a computer to which the dongle is physically connected.
Examples of a dongle are to be found in WO 91/15816, WO 94/06071 and EP 183 608.
The disadvantages of such a system are that the dongle must be connected to the computer upon which the software is to be used. If a licence is to be used on another computer, it is necessary to transfer the dongle. When using several software programs, each of which is protected by a dongle, the number of dongles becomes a hinderance because the necessary arranging of the different dongles, one after the other, becomes a technical impediment whilst at the same time decreasing operational security, which can lead to computer crashes and hardware damage. Such a dongle is not suitable for use in computer networks since neither the number of simultaneously operating software programs can be monitored, nor the licensing of software programs on other computers is possible. Multi-user licenses and licenses on different platforms, such as personal computers and UNIX workstations cannot be managed.
At the same time it is a guarantee deficiency associated therewith that upon logging onto a PC in a network via an external terminal, e.g via WINDD from Tektronix Co., uncontrolled multi-use of protected software is possible.
The second possibility for software protection comprises the use of a so-called licence manager in computer networks which represents a program installed on one computer in a network. This program monitors the use of a given number of licenses for protected programs running either on the same computer or on a different computer of the same network. Authorisation for usage of the program is based on definite identification of each computer by means of its so-called host-ID or its network address.
Examples of licence managers such as these are the Flexlm from Highland Software and Netls from Hewlett Packard and is also disclosed in the Japanese patent application 6-223040.
The disadvantages of a so-called licence manager, which is installed on one computer in a network, are that the monitoring of the licenced programs is tied to one or several specific computers in a network, the licencing being dependent, therefore, on at least one specific computer. If this computer ceases to function, either through defect or by its removal from the network, e.g because of aging or necessary repairs, this results in no further work being possible with the licensed software programs on all other computers in the network. It is also impossible to transfer existing licenses from one network to another. In this case it is necessary to contractually agree to a costly re-licensing. Furthermore, this transferring of the licence does not prevent the licensee from illegally continuing to use the previous licence on the old computer.